Thanks Viktor for the prompt reply! Our clients are not certified if they don't verify the server cert. Though impersonate is an issue, our security folks are also concerned about the privacy of existing sessions and newly created sessions -- which I don't think valid in our case.
Thanks, Joe Guan > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:owner-openssl- > [EMAIL PROTECTED] On Behalf Of Victor Duchovni > Sent: July-28-08 11:58 AM > To: [email protected] > Subject: Re: client private key compromise enables man-in-the-middle > attack? > > On Mon, Jul 28, 2008 at 11:49:51AM -0400, Joe Guan wrote: > > > Hi folks, > > > > > > > > From my understanding that if a TLS/SSL client is using client > certificate, > > the compromise of its private key alone won't allow man-in-the-middle > attack > > if ciphers are selected properly (of course anonymous ciphers are > > vulnerable) - as the man-in-the-middle cannot forge the signatures > made by > > the server side. This being said, having other credentials, the > hacker could > > impersonate the client whose private key was stolen. > > > > If the user is not verifying the server cert, then compromise of the > client key enables an MITM attack. > > Irrespective of that, the attacker can impersonate the user by > connecting directly, assuming the client key is sufficient for user > authentication. > > -- > Viktor. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [email protected] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
